Skip to content
Town Hall icon

Privacy notice

Our privacy notice explains how the council uses information about you, the ways in which we protect your privacy and some of the rights you have in relation to our handling of your data.

Islington Council is committed to protecting your privacy when you use council services.

Our privacy notice explains how the council uses information about you, the ways in which we protect your privacy and some of the rights you have in relation to our handling of your data.

Further information relating to specific departments can be found by clicking on the links below:

Personal data

Personal data means information about a living individual who can be identified directly or indirectly from that information. Where necessary, we process personal data to deliver our services effectively. Where possible, the data that we process will be anonymised or pseudonymised. Processing covers everything we do with your data from collecting your data, to storing, managing and deleting it.

This personal data might be provided to us by you, or provided by someone else or it could be created by us.

Why we use personal data

The council provides a wide array of services to the public, and it often cannot do so without using people’s personal information. It is hard to give a complete list of every situation in which we may need to use information about you. You will usually be able to get a clearer sense of how we use your data in a particular area by looking at the specific pages on our website about that particular service or issue. Where we specifically require you to provide us your personal data, we will tell you why.

But we can try broadly to summarise when we might use your information. We may need to use some information about you to:

  • manage and deliver services and support to you

  • train workers

  • help investigate any worries or complaints you have about your services

  • keep track of spending on services

  • check the quality of services, including our regulatory obligations

  • help with research and planning of new services.

How you can access the information we hold about you

We would normally expect to share what we record about you with you whenever we assess your needs or provide you with services. 

However, you also have the right to ask for all the information we have about you and the services we have provided to you.

You can find more about what you are entitled to and how to make a subject access request with our Subject Access Form on our Data Protection pages.

How to ask for correction of inaccurate information

You should let us know if you disagree with something written on your file. We may not always be able to change or remove the information. However, we will correct factual inaccuracies and may include your comments in the records.

When you can ask us to limit what we use your personal data for

You have the right to ask us to restrict what we use your personal information for where:

  • you have identified inaccurate information and have asked us to correct or erase it

  • you don’t want your personal data to be erased but you are contesting whether we can lawfully use it

  • you don’t want your personal data to be erased but you are contesting whether it is still necessary for us to use it for the purpose for which it was collected. 

When our use of information is restricted this way, other than storing it securely, it can only be used with your consent or where it is needed for legal claims, to protect the legal rights of others, or where it’s for important public interests.

Where restriction of use has been granted, we’ll inform you before we carry on using your personal information.

You have the right to ask us to stop using your personal information for any council service. However, if this request is approved this may delay or prevent us delivering that service. 

We may need to hold or use information because we are required to by law.

Consent

Where you may have provided your consent to the handling and use of your personal information for a particular purpose, you can always withdraw that consent. However, we will not always need your consent to use your personal data.

Right to be Forgotten

If you want to request that the council stops processing your personal data, you should describe the information concerned and outline the reasons for your request. Where we have a legal obligation to retain data, or where it is otherwise necessary to retain the data, we will inform you. Otherwise, we will consider your request under your “right to be forgotten”. Find more information on the Information Commissioner’s website.

Ask to have your information moved to another provider (data portability)

You have the right to ask for your personal information to be given back to you or another service provider of your choice in a commonly used format. This is called data portability.

However this only applies if we’re using your personal information with consent (not if we’re required to by law) and if decisions were made by a computer and not a human being. 

This is unlikely to apply to most of the services you receive from the Council.

Automated individual decision-making and profiling

You can ask to have any computer made decisions explained to you, and details of how we may have ‘risk profiled’ you.

You have the right to question decisions made about you by a computer, unless it’s required for any contract you have entered into, required by law, or you’ve consented to it. 

You also have the right to object to profiling. Profiling is where decisions are made about you based on aspects of your personal information. 

If and when the council uses your personal information to profile you, in order to deliver the most appropriate service to you, you will be informed. 

If you have concerns regarding automated decision making, or profiling, please contact the Data Protection Officer who’ll be able to advise you about how we use your information.

How we keep information secure

We will take appropriate steps to make sure we hold records about you (on paper and electronically) in a secure way, and we will only make them available to those who have a right to see them. Our security includes:

  • encryption

  • firewall and network security frameworks

  • access controls on systems

  • access controls on council buildings

  • security training for all staff.

View our policy on information security.

How long we keep your personal information

Read our retention schedule which explains how long we keep all information held by the council on our policies and procedures page.

Who we share your personal information with

We use a number of commercial companies and partners to either store personal information or to manage it on our behalf, and also to provide certain services to you. Where we have these arrangements there is always a contract, memorandum of understanding or information sharing protocol in place to ensure that the organisation complies with data protection law.

We may also need to share data internally between Council departments where this is legal and proportionate.

In addition, there are circumstances when we are likely to share data with other public authorities and organisations where there is a legal basis for doing so, which might include:

  • other local authorities

  • government departments including HMRC

  • health service providers

  • the police

  • fire brigades

  • housing associations

  • voluntary and charity organisations

  • independent suppliers of council services (for example, care homes)

Sometimes we have a legal duty to supply information about people. This is often because we must give that information to courts, including:

  • when we take a child into care

  • court orders

  • cases under mental health law.

In very limited circumstances we may share your personal information when there is a pressing and legal reason for doing so that is more important than protecting your confidentiality, for example, if there a serious risk to an individual’s safety. We may share your information:

  • for the detection and prevention of crime/fraudulent activity

  • if there are serious risks to the public, our staff or to other professionals

  • to protect a child

  • to protect adults who are thought to be at risk, for example if they are frail, confused or cannot understand what is happening to them.

This risk must be identified as being serious before we can go against your right to privacy. When we are worried about your physical safety or we feel that we need to take action to protect you or another person from being harmed in other ways, we will discuss this with you and, if possible, get your permission to tell others about your situation. 

When using personal data for research purposes, the data will be anonymised (where your name or identifying details are removed) to avoid the identification of an individual, unless consent has been given for the use of the personal data.

We would not normally expect to send any of your personal information outside of the EEA

We do not sell or provide personal information to any other organisation for the purposes of direct marketing.

Data analytics

In order to improve the services we provide to our residents and ensure we make the most efficient use of resources, we use data and information from a range of sources gathered across the council and from data provided by external organisations such as the NHS, to understand more about the needs, including health and care, of residents. This data is used to derive statistics and intelligence for research and planning purposes and to monitor how our services are performing. This information may also be used to identify priorities for action and inform decisions made by the council about the services we provide.

In order to protect your individual privacy, data analytics are only undertaken using anonymised (where your name or identifying details are removed) or pseudonymised data (where your name or identifying details are replaced with a key).   

At no point will data profiling data be used to identify you individually or your family. It is for research and planning purposes only.

Cookies

To make this site simpler, we sometimes place small data files on your computer. These are known as cookies. Most big websites do this too. They improve things by:

  • remembering settings, so you don’t have to keep re-entering them whenever you visit a new page

  • remembering information you’ve given (e.g. your postcode) so you don’t need to keep entering it

  • measuring how you use the website so we can make sure it meets your needs

  • processing your IP address for the purposes of firewall support.

By using our website, you agree that we can place these types of cookies on your device.   

Our cookies aren’t used to identify you personally. They’re just here to make the site work better for you. You can manage and/or delete these small files as you wish.

To learn more about cookies and how to manage them, visit AboutCookies.

Measuring website usage (Google Analytics and Microsoft Clarity)

We use Google Analytics to collect information about how people use this site. We do this to make sure the website is meeting users’ needs and to understand how we could improve it.   

Google Analytics stores information about what pages you visit, how long you are on the site, how you got there and what you clicked on. We do not collect or store your personal information other than your IP address (e.g. not your name or address). We do not try to identify you from your IP address.

We also collect information on the number of times particular search terms are used and the number of failed searches. We use this information to improve access to the site and to identify gaps in the information content so we can plan appropriate expansion of the system.

We collect cookie information for Microsoft Clarity to create heatmaps and funnels that show us how you use our webpages. For more information about Microsoft Clarity’s cookies, visit the Microsoft website.

Social network contact with the council

When you choose to contact the council with social media accounts (such as Facebook/Twitter) you should know that the council cannot control the data you post there. Once we have transferred any requests for service or complaints from the platform concerned onto our corporate systems, your information will be treated like any other personal data the council holds.

Microsoft Copilot 365

We are currently trialling the use of Microsoft Copilot 365 within the council to enhance staff productivity and efficiency. It is important to note that this generative Artificial Intelligence (AI) tool will not be used to make decisions about service users or residents. Instead, Copilot is being evaluated to understand how it can assist our staff with tasks such as:

  • Meetings: Copilot assists with meetings by taking minutes, producing summaries and actions, and helping staff catch up on missed meetings.
  • Writing: Copilot helps with writing documents and emails, such as suggesting ways to word something, helping to creating drafts and formatting documents.
  • Presentations: Copilot is used to speed up the time it takes to create PowerPoint presentations.
  • Data analysis: Copilot is used to analyse and visualise data, identify trends, and creating reports and graphs.

The council’s data, used with MS Copilot 365, is stored within our secure Microsoft tenant, which is held within the UK. The data is under the control of the council and is not used to train or improve Microsoft, or third party, AI models.

Where the council uses resident or service user personal data with MS Copilot 365, this is processed under the lawful basis of ‘public task’ or to fulfil our legal and statutory duties under the legislation cited within our privacy notices.

Where MS Copilot 365 is used to assist the council with meetings involving members of the public, we may collect video recording or transcripts of conversations. These are used for the purposes of accurate minute taking and are automatically deleted after 60 days.

We recognise that the potential uses of Copilot may evolve over time. Any new applications will be carefully considered and aligned with our commitment to data privacy and security. To ensure responsible AI usage, we have established an AI Centre of Excellence that oversees staff training, governance, and ethical considerations.

Contact the council about data protection

If you have any data protection queries or require further information on how the council handles your data, please feel free to contact our Data Protection Officer, c/o Information Governance Team, London Borough of Islington, 3rd floor, Laycock Wing, 222 Upper Street, London N1 1XR, or by email at DP@islington.gov.uk.

Make a complaint about the way the council has handled your data

If you have any data protection complaint, or if you believe your personal data has been mishandled, please contact our Information Governance Team, London Borough of Islington, 3rd floor, Laycock Wing, 222 Upper Street, London N1 1XR, or by email at DP@islington.gov.uk.

If you remain dissatisfied with the outcome of your complaint, you can refer the matter for adjudication to the Information Commissioner’s Office (ICO) whose details appear below.

Get independent advice

For independent advice about data protection, privacy and data sharing issues, you can contact the Information Commissioner’s Office (ICO) at:

Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number

You can also visit ico.org.uk or email CaseWork@ico.org.uk.

Was this information helpful?



Data protection: We will handle your personal information in line with the Data Protection Act 1998 and in accordance with the council’s Fair Processing Notice.